← back
CVE-2018-1204

CVE-2018-1204

EPSS 2.4%
Dell EMC Isilon OneFS versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, and 8.0.0.0 - 8.0.0.6, versions 7.2.1.x, and version 7.1.1.11 is affected by a path traversal vulnerability in the isi_phone_home tool. A malicious compadmin may potentially exploit this vulnerability to execute arbitrary code with root privileges.
Affected products
Dell EMC · Isilon OneFS
public PoCs found2
cve_referencewww.exploit-db.com/exploits/44039/unverifiedexploitdbwww.exploit-db.com/exploits/44039unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://seclists.org/fulldisclosure/2018/Mar/50https://www.coresecurity.com/advisories/dell-emc-isilon-onefs-multiple-vulnerabilitieshttps://www.exploit-db.com/exploits/44039/http://www.securityfocus.com/bid/103033